Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-2722-1:0F82B
HistoryJul 15, 2013 - 3:52 p.m.

[SECURITY] [DSA 2722-1] openjdk-7 security update

2013-07-1515:52:23
lists.debian.org
21

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.5%

JSON

Debian Security Advisory DSA-2722-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
July 15, 2013 http://www.debian.org/security/faq

Package : openjdk-7
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412
CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446
CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450
CVE-2013-2451 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454
CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458
CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463
CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471
CVE-2013-2472 CVE-2013-2473

Several vulnerabilities have been discovered in OpenJDK, an
implementation of the Oracle Java platform, resulting in the execution
of arbitrary code, breakouts of the Java sandbox, information disclosure
or denial of service.

For the stable distribution (wheezy), these problems have been fixed in
version 7u25-2.3.10-1~deb7u1. In addition icedtea-web needed to be
updated to 1.4-3~deb7u1.

For the unstable distribution (sid), these problems have been fixed in
version 7u25-2.3.10-1.

We recommend that you upgrade your openjdk-7 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian6amd64openjdk-6-jre-headless< 6b27-1.12.6-1~deb6u1openjdk-6-jre-headless_6b27-1.12.6-1~deb6u1_amd64.deb
Debian6mipsopenjdk-6-dbg< 6b27-1.12.6-1~deb6u1openjdk-6-dbg_6b27-1.12.6-1~deb6u1_mips.deb
Debian6amd64openjdk-6-jre< 6b27-1.12.6-1~deb6u1openjdk-6-jre_6b27-1.12.6-1~deb6u1_amd64.deb
Debian6mipsicedtea-6-jre-cacao< 6b27-1.12.6-1~deb6u1icedtea-6-jre-cacao_6b27-1.12.6-1~deb6u1_mips.deb
Debian7i386openjdk-6-jre-headless< 6b27-1.12.6-1~deb7u1openjdk-6-jre-headless_6b27-1.12.6-1~deb7u1_i386.deb
Debian7powerpcopenjdk-7-jre-headless< 7u25-2.3.10-1~deb7u1openjdk-7-jre-headless_7u25-2.3.10-1~deb7u1_powerpc.deb
Debian7allopenjdk-7-doc< 7u25-2.3.10-1~deb7u1openjdk-7-doc_7u25-2.3.10-1~deb7u1_all.deb
Debian6ia64openjdk-6-dbg< 6b27-1.12.6-1~deb6u1openjdk-6-dbg_6b27-1.12.6-1~deb6u1_ia64.deb
Debian7ia64openjdk-6-demo< 6b27-1.12.6-1~deb7u1openjdk-6-demo_6b27-1.12.6-1~deb7u1_ia64.deb
Debian7powerpcicedtea-6-jre-jamvm< 6b27-1.12.6-1~deb7u1icedtea-6-jre-jamvm_6b27-1.12.6-1~deb7u1_powerpc.deb
Rows per page:
1-10 of 1661

Related

openvas 47
nessus 43
oraclelinux 3
mageia 2
amazon 2
centos 3
suse 13
redhat 7
ubuntu 3
debian 1
veracode 14
securityvulns 1
ibm 16
prion 9
cve 10
attackerkb 1
ubuntucve 12
threatpost 1
thn 3
packetstorm 1
checkpoint_advisories 3
seebug 1
saint 1
zdi 2
openvas
openvas
CentOS Update for java CESA-2013:0957 centos6
2013-06-24 00:00:00
Mageia: Security Advisory (MGASA-2013-0185)
2022-01-28 00:00:00
RedHat Update for java-1.7.0-openjdk RHSA-2013:0958-01
2013-06-24 00:00:00
nessus
nessus
CentOS 5 : java-1.7.0-openjdk (CESA-2013:0958)
2013-06-21 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 : icedtea-web update (USN-1907-2)
2013-07-17 00:00:00
Debian DSA-2722-1 : openjdk-7 - several vulnerabilities
2013-07-16 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.6.0-openjdk security update
2013-07-03 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
amazon
amazon
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
centos
centos
java security update
2013-06-20 06:43:01
java security update
2013-06-20 06:46:44
java security update
2013-07-04 10:07:44
suse
suse
Security update for java-1_7_0-openjdk (important)
2013-07-25 16:04:14
Security update for java-1_6_0-openjdk (important)
2013-07-23 22:04:14
Security update for IBMJava5 JRE and IBMJava5 SDK (important)
2013-08-02 23:04:12
redhat
redhat
(RHSA-2013:0958) Important: java-1.7.0-openjdk security update
2013-06-19 00:00:00
(RHSA-2013:0957) Critical: java-1.7.0-openjdk security update
2013-06-19 00:00:00
(RHSA-2013:1014) Important: java-1.6.0-openjdk security update
2013-07-03 00:00:00
ubuntu
ubuntu
IcedTea Web update
2013-07-16 00:00:00
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
debian
debian
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:11:57
veracode
veracode
Information Disclosure
2019-05-02 04:46:29
Privilege Escalation
2019-05-02 04:46:31
Privilege Escalation
2019-05-02 04:46:29
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
ibm
ibm
Security Bulletin: Potential security vulnerabilities with JavaTM SDKs
2022-09-25 21:06:56
Security Bulletin: WebSphere Application Server - Oracle CPU shipped with Rational Application Developer for WebSphere Software June 2013 (CVE-2013-1571)
2020-02-05 00:09:48
Security Bulletin: WebSphere Application Server - IBM SDK for Java June 2013 CPU
2022-09-25 21:06:56
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
cve
cve
CVE-2013-2464
2013-06-18 22:55:00
CVE-2013-2455
2013-06-18 22:55:00
CVE-2013-2443
2013-06-18 22:55:00
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ubuntucve
ubuntucve
CVE-2013-2464
2013-06-18 00:00:00
CVE-2013-2443
2013-06-18 00:00:00
CVE-2013-2455
2013-06-18 00:00:00
threatpost
threatpost
Many Flash, Java Users Running Older, Vulnerable Versions
2013-09-06 07:40:52
thn
thn
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 04:15:00
New Mac OS Malware exploited two known Java vulnerabilities
2013-09-24 15:15:00
Caphaw Banking Malware Distributed via YouTube Ads
2014-02-24 23:20:00
packetstorm
packetstorm
Java Applet ProviderSkeleton Insecure Invoke Method
2013-06-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java SE XML Digital Signature Spoofing (CVE-2013-2461)
2013-10-27 00:00:00
Oracle Java sun.tracing.ProviderSkeleton Sandbox Bypass Code Execution - Ver2 (CVE-2013-2460)
2014-03-31 00:00:00
Java Applet ProviderSkeleton Class Insecure Invoke Method (CVE-2013-2460)
2013-07-10 00:00:00
seebug
seebug
Java Applet ProviderSkeleton Insecure Invoke Method
2014-07-01 00:00:00
saint
saint
Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability
2013-07-11 00:00:00
zdi
zdi
Oracle Java Sequencer Security Manager Bypass Remote Code Execution Vulnerability
2013-06-27 00:00:00
Oracle Java ShortComponentRaster Buffer Overflow Remote Code Execution Vulnerability
2013-06-27 00:00:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.01 Low

EPSS

Percentile

83.5%

JSON
Related for DEBIAN:DSA-2722-1:0F82B
openvas47nessus43oraclelinux3mageia2amazon2centos3suse13redhat7ubuntu3debian1veracode14securityvulns1ibm16prion9cve10attackerkb1ubuntucve12threatpost1thn3packetstorm1checkpoint_advisories3seebug1saint1zdi2